Ultimate Member < 2.0.52 - CSRF and Stored XSS issues

WPVDB-ID: FE9A9AE7-B547-4AC3-B309-93AB37D68112
Author: Akash Labade
Published: Jun 24, 2019 - 12:00 a.m. (2019-06-24 00:00:00)
Source: wpvulndb (wpscan.com)

EPSS: 0.001 (Low), Percentile: 25.0%

A CSRF vulnerability in adding/editing user roles in Ultimate Member 2.0.49. It also leads to stored XSS.

Edit (WPScanTeam):

- July 9th, 2019 - v2.0.50 released and still affected. Escalated to WP Plugins Team.
- July 9th, 2019 - v2.0.51 released, fixing the CSRF but not the XSS.
- July 11th, 2019 - Escalated again to WP Plugins Team, as another XSS was reported on June 24th, 2019 (https://github.com/ultimatemember/ultimatemember/issues/578) and was still unfixed.
- July 11th, 2019 - v2.0.52 released, fixing both XSS issues.

PoC

- Video PoC: https://drive.google.com/file/d/1wz846fP9rB97PlRSlC4xHYW_Q5QJXK4s/view?usp=sharing
- csrf-um.html: https://drive.google.com/file/d/1p6Rzw3ts7RASP4X7H8v2CI3TIXPVwVn1/view?usp=sharing

Affected software (CPE)

| Name            | Operator | Version |
|-----------------|----------|---------|
| ultimate-member | lt       | 2.0.52  |
